Google publikuje aktualizację zabezpieczeń systemu Android 09/2020

utworzone przez | wrz 9, 2020 | Aktualizacje

Google opublikowało wrześniowy biuletyn bezpieczeństwa systemu Android, w którym zamieszczono poprawki do 53 podatności tego systemu, w tym 8 jest krytycznych.

CERT PSE zachęca do zapoznania się z wrześniowym biuletynem bezpieczeństwa Google Android i stosowanie aktualizacji dostarczanych przez poszczególnych producentów urządzeń.

Google Play system
CVEComponent
CVE-2020-0245Media Codecs
CVE-2020-0383Media Framework components
CVESeverityUpdated AOSP versions
 Framework 
CVE-2020-0074High8.0, 8.1, 9, 10
CVE-2020-0388High10
CVE-2020-0391High9, 10
CVE-2020-0401High8.0, 8.1, 9, 10
CVE-2020-0382High10
CVE-2020-0389High10
CVE-2020-0390High10
CVE-2020-0395High8.0, 8.1, 9, 10
CVE-2020-0397High8.0, 8.1, 9, 10
CVE-2020-0399High8.0, 8.1, 9, 10
 Media Framework 
CVE-2020-0245High10
CVE-2020-0245Critical8.0, 8.1, 9
CVE-2020-0392High9, 10
CVE-2020-0381High8.0, 8.1, 9, 10
CVE-2020-0383High8.0, 8.1, 9, 10
CVE-2020-0384High8.0, 8.1, 9, 10
CVE-2020-0385High8.0, 8.1, 9, 10
CVE-2020-0393High9, 10
 System 
CVE-2020-0380Critical8.0, 8.1, 9, 10
CVE-2020-0396Critical8.0, 8.1, 9, 10
CVE-2020-0386High8.0, 8.1, 9, 10
CVE-2020-0394High8.0, 8.1, 9, 10
CVE-2020-0379High8.0, 8.1, 9, 10
CVESeverityComponent
 Kernel 
CVE-2020-0402HighStorage subsystem
CVE-2020-0404HighUSB driver
CVE-2020-0407HighF2FS
 MediaTek components 
CVE-2020-0123HighSound driver of Android TV
CVE-2020-0229Highmdla
CVE-2020-0278HighATF
CVE-2020-0342HighATF
 Qualcomm components 
CVE-2019-10527HighKernel
CVE-2019-14117HighKernel
CVE-2020-3613HighKernel
CVE-2020-3656HighKernel
CVE-2020-11124HighKernel
 Qualcomm closed-source components 
CVE-2019-10628CriticalClosed-source component
CVE-2019-10629CriticalClosed-source component
CVE-2019-13994CriticalClosed-source component
CVE-2020-3621CriticalClosed-source component
CVE-2020-3634CriticalClosed-source component
CVE-2019-10596HighClosed-source component
CVE-2019-13992HighClosed-source component
CVE-2019-13995HighClosed-source component
CVE-2019-14074HighClosed-source component
CVE-2020-3617HighClosed-source component
CVE-2020-3620HighClosed-source component
CVE-2020-3622HighClosed-source component
CVE-2020-3629HighClosed-source component
CVE-2020-3671HighClosed-source component
CVE-2020-11129HighClosed-source component
CVE-2020-11133HighClosed-source component
CVE-2020-11135HighClosed-source component